PageRenderTime 26ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 0ms

/admin/template/js/qfinder/core/connector/php/php5/CommandHandler/CopyFiles.php

https://gitlab.com/kidaa/quantum
PHP | 216 lines | 151 code | 29 blank | 36 comment | 46 complexity | c90da1335bbf9d333559435ce8ac8e61 MD5 | raw file
Possible License(s): GPL-2.0, MPL-2.0-no-copyleft-exception 
    

  1. <?php
    2. 

  2. 

  3. if (!defined('IN_QFINDER')) exit;
    4. 

  4. 

  5. require_once QFINDER_CONNECTOR_LIB_DIR . "/CommandHandler/XmlCommandHandlerBase.php";
    6. 

  6. 

  7. class QFinder_Connector_CommandHandler_CopyFiles extends QFinder_Connector_CommandHandler_XmlCommandHandlerBase
    8. 

  8. {
    9. 

  9.     /**
    10. 

  10.      * Command name
    11. 

  11.      *
    12. 

  12.      * @access private
    13. 

  13.      * @var string
    14. 

  14.      */
    15. 

  15.     private $command = "CopyFiles";
    16. 

  16. 

  17. 

  18.     /**
    19. 

  19.      * handle request and build XML
    20. 

  20.      * @access protected
    21. 

  21.      *
    22. 

  22.      */
    23. 

  23.     protected function buildXml()
    24. 

  24.     {
    25. 

  25.         if (empty($_POST['QFinderCommand']) || $_POST['QFinderCommand'] != 'true') {
    26. 

  26.             $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
    27. 

  27.         }
    28. 

  28. 

  29.         $clientPath = $this->_currentFolder->getClientPath();
    30. 

  30.         $sServerDir = $this->_currentFolder->getServerPath();
    31. 

  31.         $currentResourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
    32. 

  32.         $_config =& QFinder_Connector_Core_Factory::getInstance("Core_Config");
    33. 

  33.         $_aclConfig = $_config->getAccessControlConfig();
    34. 

  34.         $aclMasks = array();
    35. 

  35.         $_resourceTypeConfig = array();
    36. 

  36. 

  37.         if (!$this->_currentFolder->checkAcl(QFINDER_CONNECTOR_ACL_FILE_RENAME | QFINDER_CONNECTOR_ACL_FILE_UPLOAD | QFINDER_CONNECTOR_ACL_FILE_DELETE)) {
    38. 

  38.             $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
    39. 

  39.         }
    40. 

  40. 

  41.         // Create the "Errors" node.
    42. 

  42.         $oErrorsNode = new QFinder_Connector_Utils_XmlNode("Errors");
    43. 

  43.         $errorCode = QFINDER_CONNECTOR_ERROR_NONE;
    44. 

  44.         $copied = 0;
    45. 

  45.         $copiedAll = 0;
    46. 

  46.         if (!empty($_POST['copied'])) {
    47. 

  47.             $copiedAll = intval($_POST['copied']);
    48. 

  48.         }
    49. 

  49.         $checkedPaths = array();
    50. 

  50. 

  51.         $oCopyFilesNode = new Qfinder_Connector_Utils_XmlNode("CopyFiles");
    52. 

  52. 

  53.         if (!empty($_POST['files']) && is_array($_POST['files'])) {
    54. 

  54.             foreach ($_POST['files'] as $index => $arr) {
    55. 

  55.                 if (empty($arr['name'])) {
    56. 

  56.                     continue;
    57. 

  57.                 }
    58. 

  58.                 if (!isset($arr['name'], $arr['type'], $arr['folder'])) {
    59. 

  59.                     $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
    60. 

  60.                 }
    61. 

  61. 

  62.                 // file name
    63. 

  63.                 $name = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($arr['name']);
    64. 

  64.                 // resource type
    65. 

  65.                 $type = $arr['type'];
    66. 

  66.                 // client path
    67. 

  67.                 $path = QFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($arr['folder']);
    68. 

  68.                 // options
    69. 

  69.                 $options = (!empty($arr['options'])) ? $arr['options'] : '';
    70. 

  70. 

  71.                 $destinationFilePath = $sServerDir.$name;
    72. 

  72. 

  73.                 // check #1 (path)
    74. 

  74.                 if (!QFinder_Connector_Utils_FileSystem::checkFileName($name) || preg_match(QFINDER_REGEX_INVALID_PATH, $path)) {
    75. 

  75.                     $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
    76. 

  76.                 }
    77. 

  77. 

  78.                 // get resource type config for current file
    79. 

  79.                 if (!isset($_resourceTypeConfig[$type])) {
    80. 

  80.                     $_resourceTypeConfig[$type] = $_config->getResourceTypeConfig($type);
    81. 

  81.                 }
    82. 

  82. 

  83.                 // check #2 (resource type)
    84. 

  84.                 if (is_null($_resourceTypeConfig[$type])) {
    85. 

  85.                     $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
    86. 

  86.                 }
    87. 

  87. 

  88.                 // check #3 (extension)
    89. 

  89.                 if (!$_resourceTypeConfig[$type]->checkExtension($name, false)) {
    90. 

  90.                     $errorCode = QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION;
    91. 

  91.                     $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    92. 

  92.                     continue;
    93. 

  93.                 }
    94. 

  94. 

  95.                 // check #4 (extension) - when moving to another resource type, double check extension
    96. 

  96.                 if ($currentResourceTypeConfig->getName() != $type) {
    97. 

  97.                     if (!$currentResourceTypeConfig->checkExtension($name, false)) {
    98. 

  98.                         $errorCode = QFINDER_CONNECTOR_ERROR_INVALID_EXTENSION;
    99. 

  99.                         $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    100. 

  100.                         continue;
    101. 

  101.                     }
    102. 

  102.                 }
    103. 

  103. 

  104.                 // check #5 (hidden folders)
    105. 

  105.                 // cache results
    106. 

  106.                 if (empty($checkedPaths[$path])) {
    107. 

  107.                     $checkedPaths[$path] = true;
    108. 

  108. 

  109.                     if ($_resourceTypeConfig[$type]->checkIsHiddenPath($path)) {
    110. 

  110.                         $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
    111. 

  111.                     }
    112. 

  112.                 }
    113. 

  113. 

  114.                 $sourceFilePath = $_resourceTypeConfig[$type]->getDirectory().$path.$name;
    115. 

  115. 

  116.                 // check #6 (hidden file name)
    117. 

  117.                 if ($currentResourceTypeConfig->checkIsHiddenFile($name)) {
    118. 

  118.                     $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_INVALID_REQUEST);
    119. 

  119.                 }
    120. 

  120. 

  121.                 // check #7 (Access Control, need file view permission to source files)
    122. 

  122.                 if (!isset($aclMasks[$type."@".$path])) {
    123. 

  123.                     $aclMasks[$type."@".$path] = $_aclConfig->getComputedMask($type, $path);
    124. 

  124.                 }
    125. 

  125. 

  126.                 $isAuthorized = (($aclMasks[$type."@".$path] & QFINDER_CONNECTOR_ACL_FILE_VIEW) == QFINDER_CONNECTOR_ACL_FILE_VIEW);
    127. 

  127.                 if (!$isAuthorized) {
    128. 

  128.                     $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
    129. 

  129.                 }
    130. 

  130. 

  131.                 // check #8 (invalid file name)
    132. 

  132.                 if (!file_exists($sourceFilePath) || !is_file($sourceFilePath)) {
    133. 

  133.                     $errorCode = QFINDER_CONNECTOR_ERROR_FILE_NOT_FOUND;
    134. 

  134.                     $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    135. 

  135.                     continue;
    136. 

  136.                 }
    137. 

  137. 

  138.                 // check #9 (max size)
    139. 

  139.                 if ($currentResourceTypeConfig->getName() != $type) {
    140. 

  140.                     $maxSize = $currentResourceTypeConfig->getMaxSize();
    141. 

  141.                     $fileSize = filesize($sourceFilePath);
    142. 

  142.                     if ($maxSize && $fileSize>$maxSize) {
    143. 

  143.                         $errorCode = QFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
    144. 

  144.                         $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    145. 

  145.                         continue;
    146. 

  146.                     }
    147. 

  147.                 }
    148. 

  148. 

  149.                 //$overwrite
    150. 

  150.                 // finally, no errors so far, we may attempt to copy a file
    151. 

  151.                 // protection against copying files to itself
    152. 

  152.                 if ($sourceFilePath == $destinationFilePath) {
    153. 

  153.                     $errorCode = QFINDER_CONNECTOR_ERROR_SOURCE_AND_TARGET_PATH_EQUAL;
    154. 

  154.                     $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    155. 

  155.                     continue;
    156. 

  156.                 }
    157. 

  157.                 // check if file exists if we don't force overwriting
    158. 

  158.                 else if (file_exists($destinationFilePath) && strpos($options, "overwrite") === false) {
    159. 

  159.                     if (strpos($options, "autorename") !== false) {
    160. 

  160.                         $fileName = QFinder_Connector_Utils_FileSystem::autoRename($sServerDir, $name);
    161. 

  161.                         $destinationFilePath = $sServerDir.$fileName;
    162. 

  162.                         if (!@copy($sourceFilePath, $destinationFilePath)) {
    163. 

  163.                             $errorCode = QFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
    164. 

  164.                             $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    165. 

  165.                             continue;
    166. 

  166.                         }
    167. 

  167.                         else {
    168. 

  168.                             $copied++;
    169. 

  169.                         }
    170. 

  170.                     }
    171. 

  171.                     else {
    172. 

  172.                         $errorCode = QFINDER_CONNECTOR_ERROR_ALREADY_EXIST;
    173. 

  173.                         $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    174. 

  174.                         continue;
    175. 

  175.                     }
    176. 

  176.                 }
    177. 

  177.                 // copy() overwrites without warning
    178. 

  178.                 else {
    179. 

  179.                     if (!@copy($sourceFilePath, $destinationFilePath)) {
    180. 

  180.                         $errorCode = QFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
    181. 

  181.                         $this->appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path);
    182. 

  182.                         continue;
    183. 

  183.                     }
    184. 

  184.                     else {
    185. 

  185.                         $copied++;
    186. 

  186.                     }
    187. 

  187.                 }
    188. 

  188.             }
    189. 

  189.         }
    190. 

  190. 

  191.         $this->_connectorNode->addChild($oCopyFilesNode);
    192. 

  192.         if ($errorCode != QFINDER_CONNECTOR_ERROR_NONE) {
    193. 

  193.             $this->_connectorNode->addChild($oErrorsNode);
    194. 

  194.         }
    195. 

  195.         $oCopyFilesNode->addAttribute("copied", $copied);
    196. 

  196.         $oCopyFilesNode->addAttribute("copiedTotal", $copiedAll + $copied);
    197. 

  197. 

  198.         /**
    199. 

  199.          * Note: actually we could have more than one error.
    200. 

  200.          * This is just a flag for QFinder interface telling it to check all errors.
    201. 

  201.          */
    202. 

  202.         if ($errorCode != QFINDER_CONNECTOR_ERROR_NONE) {
    203. 

  203.             $this->_errorHandler->throwError(QFINDER_CONNECTOR_ERROR_COPY_FAILED);
    204. 

  204.         }
    205. 

  205.     }
    206. 

  206. 

  207.     private function appendErrorNode($oErrorsNode, $errorCode, $name, $type, $path)
    208. 

  208.     {
    209. 

  209.         $oErrorNode = new QFinder_Connector_Utils_XmlNode("Error");
    210. 

  210.         $oErrorNode->addAttribute("code", $errorCode);
    211. 

  211.         $oErrorNode->addAttribute("name", QFinder_Connector_Utils_FileSystem::convertToConnectorEncoding($name));
    212. 

  212.         $oErrorNode->addAttribute("type", $type);
    213. 

  213.         $oErrorNode->addAttribute("folder", $path);
    214. 

  214.         $oErrorsNode->addChild($oErrorNode);
    215. 

  215.     }
    216. 

  216. }
    217. 

  217.